Cyber Security Practitioner

Volume: 2 Issue: 4
(April 2016)


News

Microsoft filed suit in a US federal court in Seattle on 14 April 2016 against the Department of Justice (‘DoJ’), alleging that the DoJ is violating the US Constitution by preventing Microsoft from notifying its customers about government requests to access data stored in the cloud. / read more

The International Association of Insurance Supervisors (‘IAIS’) published on 14 April 2016 its Issues Paper on Cyber Risk to the Insurance Sector (‘Paper’), which details how the insurance sector is exposed to cyber risk and warns of its vulnerability to cyber incidents. / read more

US Senators Richard Burr, Chairman of the Senate Intelligence Committee, and Diane Feinstein, put forward a discussion draft entitled the ‘Compliance with Court Orders Act of 2016’ on 7 April 2016, which would require companies served with a court order to provide ‘technical assistance’ to government investigators when seeking to access encrypted data. / read more


Features

The Panama Papers data leak is the biggest ever. Bigger than WikiLeaks/Cablegate. Bigger than Snowden. The whistleblower’s identity is still unknown and it is still a matter of speculation about where the data were extracted from. The only certainties at the moment are: that we know the identities of just a small fraction of the people and entities who are caught up in this drama; that this story will run and run; and that it will trigger law reform processes of various sorts. It has been labelled a ‘wake up call’ for the insider threat. / read more

The Australian Government launched its new Cyber Security Strategy on 21 April 2016, which aims to improve Australia’s cyber resilience. In announcing the new Strategy, Australian Prime Minister Malcolm Turnbull publically admitted for the first time that the Government’s own Bureau of Meteorology was the subject of a cyber attack in 2015. The Cyber Security Strategy also confirms that the Australian Government has the capability to launch its own cyber attack. Paul Kallenbach and Leah Mooney of Minter Ellison provide details on the evolution of cyber security in Australia and the key themes set out in the new Strategy. / read more

Earlier this year, multiple hospitals in Germany fell victim to ransomware attacks, which disabled their IT infrastructure. While these attacks are far from being limited to hospitals, these cases gained media attention due to the relevance of healthcare for the general population. In addition, as hospitals are required to thoroughly protect health data, these attacks have raised additional concerns. Jana Grieb and Claus Färber of McDermott Will & Emery explain the legal implications of such attacks and how hospitals should respond. / read more

The current legal and organisational landscape for cyber security in Poland is far from perfect. However, the Polish government has a clear goal of improving cyber security in the country, and is currently working on a final draft of a document, ‘Assumptions concerning a Cyber Security Strategy for the Republic of Poland’ (‘ACSS’). This document sets out, inter alia, the agency responsible for organising the system for protecting Poland’s cyberspace. Ewa Kurowska-Tober and Łukasz Czynienik of DLA Piper outline the current failings of Poland’s cyber security system, discuss the ACSS and the Polish Government’s steps to improve Poland’s cyber security, and look at how Poland is planning to implement the EU Network and Information Security Directive. / read more

While India does not have legislation dedicated to cyber security, it does have laws that impact on cyber security. The Information Technology Act 2000, amended in 2009, is the primary law covering aspects of cyber security. Companies active in the Indian market must be aware of the cyber security requirements under Indian law. Pavan Duggal, Head of Pavan Duggal Associates, considers the legal background to cyber security in India and why compliance with the requirements is so important. / read more

On 2 March 2016, the Consumer Financial Protection Bureau (‘CFPB’) brought its first ever data security enforcement action against online payment platform Dwolla Inc. Nathan D. Taylor, Partner at Morrison & Foerster LLP, discusses the order and its implications both for the CFPB and for future action. / read more

On 25 July 2015, the German IT Security Act (‘Act’) came into force; the Act addresses providers of critical infrastructures. It was however left to an ordinance, which at the time was not yet created, to define the term ‘critical infrastructure’ and thus, who will be affected by the Act. On 13 April 2016, the German Federal Cabinet adopted the outstanding Ordinance of the Federal Ministry of the Interior (‘Ordinance’)1. The Ordinance brings legal certainty for companies who should now start to assess whether they fulfil the criteria of a ‘critical infrastructure’ and are therefore bound by the obligations of the Act. As compliance with those requirements leads to considerable administrative efforts and substantial costs, providers of critical infrastructures should take the necessary measures to implement the required changes as soon as possible. / read more

The Information Commissioner’s Office (‘ICO’) published encryption guidelines (‘Guidance’) on 3 March 2016, and has indicated that failing to comply with the Guidance will expose organisations to regulatory action. Sam Jardine and Deirdre Meehan of Fieldfisher unravel the what, why, where and how of the Guidance, including practical tips for organisations. / read more


About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
Sign up for e-mail alerts
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed